I can't seem to stop it. When I disable the firewall, TJPingPro works fine, but when I enable it, nothing gets out. Only pings to LAN addresses work. The firewall never asked for a rule when TJPing tried pinging, but I created one for it manually and it still didn't work. I even tried adding to the "Rules with no application assigned" list and it still won't ping through.

Pings done via command prompt still work, but both TJPing 1.2.1 and 2.0 don't.

Version 4.0.437.0 on Vista64

Any ideas?? :(

does it work if you enable automatic mode? did you view the rules controlling the app access?

Hello,

What build of the ESET Personal Firewall module is installed in your copy of ESET Smart Security?

Regards,

Aryeh Goretsky

It hasn't really been bothering me that much, But ESS's firewall had been blocking a type of ping for me too. When I get it to logged all blocked connections, it says, "Detected covert channel exploit in ICMP packet". The program in use is WC3Banlist(version 3.1.0.210), which is used when hosting multiplayer custom games for WarCraft III on Battle.net to ping other players.

If interested you can download it at WC3banlist.de, it has a main installer file and then an update in a zip file which is extracted to it's installation directory and needs to overwrite any files already there.

I'm using whichever firewall module came with ESS 4.0.437.0, and not the test mode.

Hello,

Can you tell me the build number of your firewall module?

Regards,

Aryeh Goretsky

-{ Quote: "It hasn't really been bothering me that much, But ESS's firewall had been blocking a type of ping for me too. When I get it to logged all blocked connections, it says, "Detected covert channel exploit in ICMP packet". The program in use is WC3Banlist(version 3.1.0.210), which is used when hosting multiplayer custom games for WarCraft III on Battle.net to ping other players.

If interested you can download it at WC3banlist.de, it has a main installer file and then an update in a zip file which is extracted to it's installation directory and needs to overwrite any files already there.

I'm using whichever firewall module came with ESS 4.0.437.0, and not the test mode." }-

-{ Quote: "Hello,

Can you tell me the build number of your firewall module?

Regards,

Aryeh Goretsky" }-

Sorry, wasn't sure how to find it till now. I checked under "About" and it says "Personal firewall module: 1047 (20090525)".

So it's build number 1047. However since that build just came out today(according to the forum sticky), and I've been having the problem since I've bought a liscence for ESS(including the previous two released versions of v4), I don't think it's something new that's causing it.

I'll update with test mode checked, and report back later after testing with 1049.

Edit: Also to let you know, in the log files where it says "Detected covert channel exploit in ICMP packet", It gives my computer IP as the source(which is expected as I'm the one sending the pings).

Ok so I haven't tested the pings in test mode, but deselecting ICMP protocol attack detection under IDS and advanced options allows the pings to go through. Any reason why it think's it's a threat normally?

Hello,

It would probably be helpful for ESET's developers to see what happens when you run a ping.

Try enabling logging mode in the firewall per this (http://kb.eset.com/esetkb/index?page=content&id=SOLN742) ESET Knowledgebase article, running a ping and then emailing the resulting data to support@eset.sk along with a link to this message thread.

Having that information should make it easier to troubleshoot the problem.

Regards,

Aryeh Goretsky

I checked that article, but it says this.
-{ Quote: "
The Personal firewall special logging mode should only be used if:

*No entries are written to Tools → Log files → ESET Personal firewall log when the Personal firewall → IDS and advanced options → Log all blocked connections option is enabled in the Advanced Setup window." }-

However I am getting entries, as I've said. Should I ignore this and go ahead? If so it looks a bit complicated so I'll wait till the weekend when I've got time to go through it.

Hello,

Yes, a log can be helpful for troubleshooting this issue.

Regards,

Aryeh Goretsky

Hey I forgot to try that in the weeked, but started to try follow the article now. When I press F8 during startup it doesn't give me an option for safe mode(article says you have to be in safe mode for v4.0) though, so I'll have to see if there is another way. When I pressed f8 it only gave me an otpion fo what to boot from, e.g floppy, hard drive or dvd drive.

Intersetingly after enabling and renabling self defense I had to renew my wireless connection by recconecting with the linksys wireless manager to access my router/the internet again. I couldn't just repair the connection by right clicking that in the sys tray.